proxy protocol over a plain tcp with ssl

nir Thu, 11 Jan 2018 05:23:05 -0800

I'm trying to configure nginx which is behind an haproxy to pass the proxy
protocol over a plain tcp connection. It works well.
When I add ssl to the equation it fails. Below is the nginx configuration
block I'm using.
Is it a configuration issue or might be that it's not at all possible for
nginx to pass proxy protocol with ssl if the connection is not strictly
https?



stream {
    upstream some_backend {
         server some_host:18010;
    }

    server {
        listen                8010;
        listen                8012 ssl;
        proxy_pass            some_backend;
        proxy_protocol        on;

        ssl_certificate           /etc/ssl/server.crt;
        ssl_certificate_key   /etc/ssl/server.key;
        ssl_protocols         SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers           HIGH:!aNULL:!MD5;
        ssl_session_cache     shared:SSLTCP:20m;
        ssl_session_timeout   4h;
        ssl_handshake_timeout 30s;
    }
}

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,278113,278113#msg-278113

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

proxy protocol over a plain tcp with ssl

Reply via email to